The controller in terms of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions concerning data protection is:
Speicherstraße 57-59, 60327 Frankfurt am Main, Germany.
Registered office: Frankfurt am Main
Frankfurt am Main registrar of companies – commercial register no. – HRB 73783
VAT ID No.: DE 206435658.
Promerit AG has opted to appoint INTARGIA Managementberatung GmbH, Max-Planck-Straße 20, 63303 Dreieich, Germany, as external Data Protection Officer.
The data protection declaration of the “Promerit AG” is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, inter alia, the following terms:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
j) Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
When you visit our website, we store certain information about the browser and operating system you use, the date and time of your visit, the access status (e.g. whether you were able to access a website or received an error message), the use of website functions, the search terms you may have entered, the frequency with which you access individual websites, the designation of files accessed, the amount of data transferred, the website from which you accessed our websites and the website which you visit from our websites, either by clicking on links on our websites or by entering a do-main directly in the input field of the same tab (or the same window) of your browser in which you opened our websites. We also store your IP ad-dress and the name of your Internet service provider for seven days for security reasons, in particular to prevent and detect attacks on our websites or attempts at fraud.
We only store other personal data if you provide this data, e.g. as part of a registration, a contact form, a survey, a price competition or for the execution of a contract, and even in these cases only insofar as this is permitted to us on the basis of a consent given by you or in accordance with the applicable legal provisions (further information on this can be found below in the section “Legal basis of processing”).
You are not legally or contractually obliged to make available your personal data. However, it is possible that certain functions of our websites depend on the availability of personal data. If you do not make available personal data in these cases, this may result in functions not being available or only being available to a limited extent.
Cookies are small files that are placed on your desktop, notebook or mobile device by a website you visit. From this we can, for example, recognize whether there has already been a connection between your device and our websites, or which language or other settings you prefer. Cookies may also contain personal data.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Here you will find an overview of the cookies we use:
|Statistics||Google Tag Manager, Google Analytics|
|External media||Google Maps, Vimeo, YouTube|
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
We implement your objection by setting an opt-out cookie in your browser. This cookie is only used to associate your objection. Please note that for technical reasons, an opt-out cookie only works in the browser in which it was set. If you delete the cookies or use a different browser or device, please opt-out again.
Should you send us enquiries via the contact form, per mail or any other opportunity on our website, we will collect the data entered on the form, including the contact details you provide (e.g. first name, surname, e-mail address, telephone number, company name, town and postcode) in the customer-relationship-management system – CRM – if necessary for the purpose of processing the enquiry and in the event of any follow-up questions.
We do not share this information without your permission. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form (name, surname, e-mail address, telephone number, company name) until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Promerit is committed to ensuring fair and transparent processing. That is why it is important to us that persons concerned can not only exercise their right to object but also to exercise the following rights where the respective legal requirements are satisfied:
To enforce your rights, please use the details provided in the “Contact” section (see no. 13). In doing so, please ensure that an unambiguous identification of your person is possible.
When you visit our websites, the social plug-ins are deactivated, i.e. no data is transmitted to the operators of these networks. If you want to use one of the networks, click on the respective social plug-in to establish a direct connection to the server of the respective network.
If you have a user account on the network and are logged in when you activate the social plug-in, the network can associate your visit to our websites with your user account. If you want to avoid this, please log out of the network before activating the social plug-in. A social network cannot associate a visit to other Daimler websites until you have activated an existing social plug-in.
When you activate a social plug-in, the network transfers the content that becomes available directly to your browser, which integrates it into our websites. In this situation, data transmissions can also take place that are initiated and controlled by the respective social network. Your connection to a social network, the data transfers taking place between the network and your system, and your interactions on that platform are governed solely by the privacy policies of that network.
The social plug-in remains active until you deactivate it or delete your cookies.
Use of Facebook plugins
Facebook is provided under www.facebook.com by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and under www.facebook.de by Facebook Ireland Limited, Hanover Reach, 5–7 Hanover Quay, Dublin 2, Ireland (“Facebook”). You will find an overview of the plugins from Facebook and their appearance here:
https://developers.facebook.com/docs/plugins/?locale=en_EN; you will find information on data protection at Facebook here: http://www.facebook.com/policy.
Use of Twitter plugins
Twitter is provided by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). You will find an overview of the plugins from Twitter and their appearance here: https://developer.twitter.com/; you will find information on data protection at Twitter here: https://twitter.com/de/privacy.
Use of LinkedIn plugins
LinkedIn is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). You will find an overview of the plugins from LinkedIn and their appearance here: https://developer.linkedin.com/plugins; you will find information on data protection at LinkedIn here: https://www.linkedin.com/legal/privacy-policy.
Use of Instagram plugins
Instagram is provided by Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA (“Instagram”). You will find information on data protection at Instagram here: https://help.instagram.com/155833707900388.
Use of Xing plugins
Xing is provided by XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland (“Xing”). You will find an overview of the plugins from Xing and their appearance here: https://dev.xing.com/ and you will find information on data protection at Xing here: https://privacy.xing.com/en/privacy-policy.
Use of YouTube Plugin
Use of Vimeo Plugin
Use of Google Maps Plugin
This page uses the map service Google Maps via an API. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
For the use of the functions of Google Maps it is necessary to store your IP address. This information is usually transmitted to a server of Google LLC in the USA and saved there. The provider of this page does not have any influence on this transmission of data.
The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places listed by us on the website. This represents a predominant legitimate interest on our part within the meaning of article 6 section 1 lit. f GDPR.
Use of Google web fonts
This site uses so-called web fonts of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose, the browser you are using has to connect to the servers of Google. This informs Google that our website was accessed via your IP address. The use of Google web fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a predominant legitimate interest on our part within the meaning of article 6 section 1 lit. f GDPR.
Your computer will use a standard font if your browser does not support web fonts.
Liability for links
Our offer contains links to external websites of third parties, on whose contents we have no influence. Therefore we cannot assume any liability for these external contents. The respective provider or operator of the sites is always responsible for the contents of the linked sites. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not identified at the time of linking.
However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any violations of the law, we will remove such links immediately.
We collect and process the personal data of applicants for the purpose of processing the application process. Processing can also be done electronically. This is particularly the case if an applicant sends the relevant application documents to the responsible person, for example by email or via a web form on the website. If we conclude an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the legal requirement. If we do not conclude an employment contract with the applicant, the application documents will be deleted within the legally applicable period.
The tools and systems we use therefor are: Workday, Talentry, Cut-e.
We use Talentry for employee recruitment and retention. In the case of an application via the tool, the data provided by the applicant (e.g. address data, e-mail address, telephone number, date of birth, salary data, CV, application photo, certificates, aptitude diagnostics documents) is stored in the system for the duration of the application process. Registered office: Nymphenburger Str. 86 80636 Munich, link to the data protection declaration: https://www.talentry.com/dataprotection/
If you have given your consent on the website to receive the newsletter – until you revoke it, or the termination of the newsletter dispatch by Promerit – we would like to give you the following information:
The legal basis for processing is consent.
Your consent relates to the processing of the following personal data you have voluntarily submitted:
Your consent serves the purpose of using your email address to send the newsletter to the named address.
The newsletter informs you about events and new services of Promerit/Mercer.
In each newsletter, we analyze your usage behavior using cookies and similar technologies for the individualization of communication – e.g. Openings, clicks, reading time and possible bookings are analyzed.
The personalization in the newsletter is based on analysis:
The following systems and technologies are used in newslettering:
The website operator together with the agency Smack Communications has created and hosted this website using the CMS WordPress, using services that WordPress has integrated into its content management system and hosting. These services ensure the functionality of the page. The website is hosted by the agency Webfox.
WordPress, registered office: Aut O’Mattic A8C Ireland Ltd, Business Centre, No.1 Lower Mayor Street International Financial Services Centre, Dublin 1, Ireland; For the privacy statement: https://automattic.com/de/privacy/
This website uses the “Google Analytics” service, which is operated by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), to analyse the use of the website by users. This service uses “cookies” – small text files which are stored on your terminal. The information collected by the cookies is usually transferred to a Google server in the USA and stored there.
IP anonymisation applies to this website. The IP address of users is shortened within the member states of the EU and the European Economic Area. This shortening means that your IP address can no longer be attributed to you as an individual. Within the scope of the third-party data processing agreement which the website operators have concluded with Google Inc., Google Inc. uses the collected information to create an analysis of website use and website activity and provides services related to internet use.
You have the option to prevent the setting of cookies on your device by configuring your browser settings accordingly. We cannot guarantee that you will be able to access all functions of this website without restriction if your browser does not allow cookies.
Furthermore, you may use a browser plugin to prevent the information collected by cookies (including your IP address) being sent to Google Inc. and being used by Google Inc. The plugin is available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
Alternatively, you can prevent Google Analytics from collecting data about you on this website by clicking on this button. By clicking on the button above, you download an “opt-out cookie”. Your browser must therefore generally allow cookies to be saved. If you delete your cookies regularly, you will need to click the button again each time you visit this website.
More information on data usage by Google Inc. can be found here: https://support.google.com/analytics/answer/6004245?hl=de
In accordance with the principles of data reduction and economy, we store personal data only as long as storage is required or is prescribed by statute (statutory retention period). Once the purpose of the collected information no longer applies or the retention period expires we block or delete the data.